Online backup firm Carbonite targeted in password reuse attack

One password for all of our different sites not such a great idea.

I like Graham Culey’s remark about what can we do, because our puny brains can not handle all of the passwords we would need to have unique sites. Check out the end of Graham’s article and see how to set up 2 step verification for many popular web sites. 2 Step authentication uses a second code sent at the time of log on to verify your identity. While this slows the process down it is a better method of authentication then password alone.

Online backup company Carbonite is the latest firm to have issued a warning that hackers are attempting to break into its users accounts, and are prompting all users to change their passwords as a result. An email has been sent to Carbonite users explaining that the attackers are thought to be using passwords gleaned from other recent mega-breaches.

…Part of the email reads as follows: As part of our ongoing security monitoring, we recently became aware of unauthorized attempts to access a number of Carbonite accounts. This activity appears to be the result of a third party attacker using compromised email addresses and passwords obtained from other companies that were previously attacked. The attackers then tried to use the stolen information to access Carbonite accounts.Based on our security reviews, there is no evidence to suggest that Carbonite has been hacked or compromised.

To ensure the protection of all our customers and the safety of their data, we are requiring all Carbonite customers to reset their login information…